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1 CLAIMS : 
2 



1 1 . In an online commerce transaction system including a buyer, a seller, and an 

2 authentication service, a processor-implemented method for authenticating to the seller that the 

3 buyer is authorized to use a payment instrument as part of an online commerce transaction, the 

4 method comprising: 

5 in real-time as part of the online commerce transaction, the authentication service 

6 performing the steps of: 

7 receiving a request to verify that the buyer is authorized to use the payment 

8 instrument; 

9 determining v^hether the buyer has access to secret information without revealing 
10 the secret information to the seller, wherein access to the secret 

^1 information verifies authority to use the payment instrument; and 

12 responsive to the determination of whether the buyer has access to the secret 

13 information, transmitting to the seller a response including whether the 

14 buyer is authorized to use the payment instrument. 

1 2. The method of claim 1 wherein, in real-time as part of the online commerce transaction, 

2 the authentication service further performs the step of: 

3 applying profile information about the buyer to the online commerce transaction. 
/ 3. The method of claim 1 further comprising: 

2 responsive to a determination that the buyer has access to the secret information, the 

3 authentication service at least partially processing the payment instrument. 

1 4. The method of claim 1 further comprising: 

2 the authentication service storing a record of the use of the payment instrument. 
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1 5. The method of claim 4 wherein the record has been digitally signed by the buyer. 

1 6. The method of claim 4 wherein the record has been digitally signed by the authentication 

2 service. 

1 7. The method of claim 1 further comprising: 

2 prior to the online commerce transaction, the authentication service performing the steps 

3 of: 

4 receiving confirmation information which enables the authentication service to 

5 determine whether the buyer has access to the secret information; and 

6 storing the confirmation information; 

7 wherein the step of determining whether the buyer has access to secret information 

8 comprises: 

9 retrieving the confirmation information; and 

10 using the confirmation information to determine whether the buyer has access to 

11 the secret information. 

/ 8. The method of claim 1 wherein the step of receiving a request to verify that the buyer is 

2 authorized to use the payment instrument includes receiving the request as a result of an offer 

3 from the buyer to use the payment instrument, 

/ 9. The method of claim 1 wherein the online commerce transaction system is an HTTP- 

2 based web system. 

1 10. The method of claim 9 wherein the secret information comprises a private key, and the 

2 private key and a corresponding public key form a key pair for use in public-key cryptography. 

1 11. The method of claim 1 0 wherein in real-time as part of the online commerce transaction, 

2 the authentication service further performs the step of: 
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3 receiving an offer from the buyer to use the payment instrument, wherein the offer is 

4 digitally signed using the private key. 

J 12. The method of claim 9 wherein the step of receiving a request to verify that the buyer is 

2 authorized to use the payment instrument comprises: 

3 receiving the request as a result of the buyer submitting a form for the online commerce 

4 transaction using a web browser, the form comprising: 

5 an action attribute identifying the authentication service; and 

6 a method attribute for transmitting the request to the authentication service as a 

7 result of the buyer's submission of the form. 

1 13. The method of claim 1 2 wherein: 

2 the request further comprises an address for the seller; and 

5 the step of transmitting to the seller a response comprises transmitting the response to the 

4 address included in the request. 

1 14. The method of claim 9 wherein the step of determining whether the buyer has access to 

2 secret information comprises: 

3 transmitting to the buyer a challenge request requesting proof that the buyer has access to 

4 the secret information; 

5 receiving from the buyer a challenge response allegedly proving that the buyer has access 

6 to the secret information; and 

7 determining on the basis of the challenge response whether the buyer has access to the 

8 secret information. 

/ 15. The method of claim 14 wherein the challenge request further comprises: 

2 a description of the online commerce transaction for which the payment instrument is to 

3 be used; and 
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a request for the buyer's consent to use the payment instrument for the onUne commerce 
transaction. 



/ 16. The method of claim 9 wherein the step of transmitting to the seller a response including 

2 whether the buyer is authorized to use the payment instrument comprises POSTing the response 

3 to the seller. 

1 17. A software program product for authenticating to a seller that a buyer is authorized to use 

2 a payment instrument as part of an online conmierce transaction, the software program product 

3 controUing the operation of a processor by execution of the software by the processor, the 

4 software executing the steps of: 

5 in real-time as part of the online commerce transaction: 

6 receiving a request to verify that the buyer is authorized to use the payment 

7 instrument; 

8 determining whether the buyer has access to secret information without revealing 

9 the secret information to the seller, wherein access to the secret 

^ 0 information verifies authority to use the payment instrument; and 

^ ^ responsive to the determination of whether the buyer has access to the secret 

information, transmitting to the seller a response including whether the 
buyer is authorized to use the payment instrument. 

1 18. The software program product of claim 1 7 wherein, in real-time as part of the online 

2 commerce transaction, the software fiirther performs the step of: 

3 applying profile information about the buyer to the online commerce transaction. 

1 1 9. The software program product of claim 1 7 wherein the software fiirther performs the step 

2 of: 

3 responsive to a determination that the buyer has access to the secret information, at least 

4 partially processing the payment instrument. 
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1 20. The software program product of claim 1 7 wherein the software further performs the step 

2 of: 

3 storing a record of the use of the payment instrument. 

1 21. The software program product of claim 20 wherein the software fiirther performs the step 

2 of: 

3 digitally signing the record. 

1 22. The software program product of claim 17 wherein the step of determining whether the 

2 buyer has access to secret information comprises: 

3 retrieving confirmation information; and 

4 using the confirmation information to determine whether the buyer has access to the 

5 secret information. 

1 23 . The software program product of claim 1 7 wherein the software program product is 

2 adapted for execution by a web server. 

1 24. The software program product of claim 23 wherein the secret information comprises a 

2 private key, and the private key and a corresponding pubUc key form a key pair for use in pubhc- 

3 key cryptography. 

7 25. The software program product of claim 24 wherein in real-time as part of the online 

2 commerce transaction, the software fiirther performs the step of: 

3 receiving an offer fi:om the buyer to use the payment instrument, wherein the offer is 

4 digitally signed using the private key. 

/ 26. The software program product of claim 23 wherein the step of receiving a request to 

2 verify that the buyer is authorized to use the payment instrument comprises: 

3 receiving the request as a result of the buyer submitting a form for the online commerce 

4 transaction using a web browser, the form comprising; 
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5 an action attribute identifying the authentication service; and 

6 a method attribute for transmitting the request to the authentication service as a 

7 result of the buyer's submission of the form. 

1 27. The software program product of claim 26 wherein: 

2 the request further comprises an address for the seller; and 

3 the step of transmitting to the seller a response comprises transmitting the response to the 

4 address included in the request. 

1 28. The software program product of claim 23 wherein the step of determining whether the 

2 buyer has access to secret information comprises: 

3 transmitting to the buyer a challenge request requesting proof that the buyer has access to 

4 the secret information; 

5 receiving from the buyer a challenge response allegedly proving that the buyer has access 

6 to the secret information; and 

7 determining on the basis of the challenge response whether the buyer has access to the 

8 secret information. 

1 29. The software program product of claim 28 wherein the challenge request further 

2 comprises: 

3 a description of the online commerce transaction for which the payment instrument is to 

4 be used; and 

5 a request for the buyer's consent to use the payment instrument for the online commerce 

6 transaction. 

1 30. The software program product of claim 23 wherein the step of transmitting to the seller a 

2 response including whether the buyer is authorized to use the payment instrument comprises 

3 POSTing the response to the seller. 

1 31. An online commerce transaction system with buyer authentication comprising: 
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2 a seller; 

3 a buyer desiring to use a payment instrument as part of an online commerce transaction 

4 with the seller; and 

J an authentication service communicatively coupled to the seller, for performing, in real- 

6 time as part of the online commerce transaction, the steps of: 

7 receiving a request to verify that the buyer is authorized to use the payment 

5 instrument; 

9 determining whether the buyer has access to secret information without revealing 

10 the secret information to the seller, wherein access to the secret 

11 information verifies authority to use the payment instrument; and 

12 responsive to the determination of whether the buyer has access to the secret 
75 information, transmitting to the seller a response including whether the 
14 buyer is authorized to use the payment instrument. 

1 32, The system of claim 3 1 wherein the authentication service is further adapted for storing a 

2 record of use of the pajonent instrument. 

1 33. The system of claim 3 1 wherein the authentication service is communicatively coupled to 

2 the seller using the HTTP protocol. 

1 34. The system of claim 3 1 wherein the secret information comprises a private key, and the 

2 private key and a corresponding public key form a key pair for use in public-key cryptography. 
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